<p>HIPAA breaches and unauthorized access to Electronic Health Records (EHRs) have been growing more likely due to the sudden digitalization of the healthcare sector. High endurance, privacy-based security practices have never been more in demand as hospitals and other medical facilities of this type have clung to the electronic system. The given study considers this problem by suggesting an anomaly detection model that determines the presence of abnormal or suspicious access patterns in EHR systems using Variational Autoencoders (VAEs). One of the main weaknesses of creating an efficient security model in the healthcare sector is that access to real-world information is limited and is constrained by privacy policies. To bridge this challenge, a synthetically enriched EHR access log dataset was generated and realistic features, including departmental affiliations, user roles, frequency of access, and timestamps, were ensured; the artificially generated dataset is, therefore, a close simulation of real-world hospital activities. By observing the access patterns of healthcare professionals that are generally typical in a latent space, the proposed VAE model can signal deviations that can indicate a possible security breach or policy violation without revealing or even relying on actual patient data, thus identifying both large and small-scale aberrations by modelling these latent representations. Evidence of the superiority of VAE-based detection over traditional machine learning algorithms, including Isolation Forest and One-Class Support Vector machines, using some key measures, like accuracy (F1-score: 0.93), lower false-positive rates, and greater sensitivity to noisy data, confirms this assertion. As a result, unsupervised deep generative modelling plus synthetic data generation provides a new, privacy-conserving approach to improving the cybersecurity of medical information systems. Based on the results, the VAE-based anomaly detection can become a trusted means of protecting sensitive healthcare infrastructure against the changing cyber risks.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Enhancing healthcare information security through VAE-driven anomaly detection in EHR access patterns

  • Touseef Iqbal,
  • Ifrah Raoof,
  • Mohannad Alkanan,
  • Yonis Gulzar

摘要

HIPAA breaches and unauthorized access to Electronic Health Records (EHRs) have been growing more likely due to the sudden digitalization of the healthcare sector. High endurance, privacy-based security practices have never been more in demand as hospitals and other medical facilities of this type have clung to the electronic system. The given study considers this problem by suggesting an anomaly detection model that determines the presence of abnormal or suspicious access patterns in EHR systems using Variational Autoencoders (VAEs). One of the main weaknesses of creating an efficient security model in the healthcare sector is that access to real-world information is limited and is constrained by privacy policies. To bridge this challenge, a synthetically enriched EHR access log dataset was generated and realistic features, including departmental affiliations, user roles, frequency of access, and timestamps, were ensured; the artificially generated dataset is, therefore, a close simulation of real-world hospital activities. By observing the access patterns of healthcare professionals that are generally typical in a latent space, the proposed VAE model can signal deviations that can indicate a possible security breach or policy violation without revealing or even relying on actual patient data, thus identifying both large and small-scale aberrations by modelling these latent representations. Evidence of the superiority of VAE-based detection over traditional machine learning algorithms, including Isolation Forest and One-Class Support Vector machines, using some key measures, like accuracy (F1-score: 0.93), lower false-positive rates, and greater sensitivity to noisy data, confirms this assertion. As a result, unsupervised deep generative modelling plus synthetic data generation provides a new, privacy-conserving approach to improving the cybersecurity of medical information systems. Based on the results, the VAE-based anomaly detection can become a trusted means of protecting sensitive healthcare infrastructure against the changing cyber risks.